Google Dork Scanner - Find Vulns?

Mar 25, 2008

Anyone use this poorly coded thing?

Goolag Scanner coded by CULT OF THE DEAD COW/cDc communications

Ive been using it for a bit, but i don't have any vulns on most of my box's.

Anyone else find this thing effective?

Ive passed it onto a few clients, seem to entertain them doing there own basic google powered security scans.

Here is a quick download; Goolag_Scanner_1.0.0.40_Setup.exe

Ive pulled a few results on other large sites, some interesting data thats spread out on google, strange how the crawlers get into it?

1.2 Software

To understand Goolag Scanner, it is important to understand how "dorks"
work (see 1.4) and with that, to establish the use of dorks as an
acceptable tool for information security experts, penetration testers,
and practical paranoids.

1.4 Terms And Abbreviations

* Dork = A detailed search pattern - heretofore used with Google's
search engine - that uses Google to show untapped results for web
sites previously indexed by Google.

The intention of a dork is to find results that might show
information relevant to security issues and/or confidential data.

From our point of view, dorks are not limited to Google. Frankly,
they are malicious patterns that apply to most search engines.

* gS = Goolag Scanner

* cDc = CULT OF THE DEAD COW/cDc communications

View 3 Replies


ADVERTISEMENT

Google Apps (Standard) And Two Different Domains: How Many Google Accounts Do I Need?

Jun 27, 2009

I hope some of you are using Google Apps and can help me to find an answer to the following question:

I own two different and independent domain names (e.g. domain1.com and domain2.com).
I'd like to use the Google Apps (Standard, free edition) with them to create two different and totally independent mailboxes (e.g. abc@domain1.com and xyz@domain2.com).

But how many Google accounts I need to do this? Can I manage two (or more) independent and fully functional domains using one Google account?

P.S.
Help section contains descriptions of aliases for multiple domains, which are just pointers or shortcuts, but not a fully functional mailboxes, so this solution isn't something I'm looking for.

View 7 Replies View Related

EXploit Scanner (cxs)

Nov 6, 2009

CSF install the new version, I warned that the option Check for cxs. I had a few questions!

1 - is it free? And can be installed and will work?

2 - I like these things are additional to the installation?

3 - a bit about this new possibility to explain how to solve the case to get out of the red.

View 14 Replies View Related

Formmail Scanner

Jan 4, 2007

Does anyone know any open source tools that will scan cgi programs for exploits? Specifically for exploitable formmail scripts.

View 0 Replies View Related

What Email Scanner Gateway

Apr 10, 2009

What type of free email scanner gateway that you are using? I am using SA, Clam and Qmail. It's a little old and w/o the GUI for client to manage the settings.

I'm thinking to switch to something with GUI. Perhaps the combination of Exim, SA, Clam, MAilScanner and a GUI.

View 0 Replies View Related

Illegal Content Scanner

May 20, 2009

While reading a lot of posts and blogs about hosting, I just wanted to ask if someone has an idea on how to find files with illegal content.

I just tried a few bash scripts, but if there are a few thousand files, most of them stop working or produce server loads that stop the whole server.

Is there any software already out there or any script to scan the content on server for phrases?

View 12 Replies View Related

Secure Server From Scanner

Dec 4, 2008

i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.

my server os : linux Centos 5

View 3 Replies View Related

ClamAV Scanner Resource Intensive?

Oct 22, 2006

I would like to know how resource intensive is ClamAV Scanner. Should I allow it or not to my VPS clients/resellers?

Can I set it to use it as root? How?

View 0 Replies View Related

Virus Scanner For Unix Server?

Aug 27, 2007

I wonder which virus scanner software is useful for Unix server(Centos 4.5). One of my client install SMF forum and when visitors access the forum,their virus scanner warn that site is affected by trojan. I used Clamav to scan entire home directory but seem nothing found.

View 4 Replies View Related

Linux Server Security Scanner

Apr 28, 2008

i have managed server. just i want sure if it is secured.

i want company to test my server, Security Scanner.

and give me report about my bugs.

View 7 Replies View Related

How To Block Acunetix Scanner With Mod_security

Aug 12, 2007

Anobody knows appropriate rules to block Acunetix scanner to crawl my sites?

View 8 Replies View Related

File System Vulnerablity Scanner

Feb 20, 2007

Are there any vulnerability scanners that search the local file system for vulnerable apps?

I don't need an external scanner. I want to scan all my users home dirs for bad apps - old coppermines, phpbb, etc.

I've not been able to find anything like this.

View 4 Replies View Related

Emails Not Displaying Mail Scanner Headers

Sep 14, 2008

i installed the latest version of the mail scanner on my linux server. It has been tested to be scanning and running properly. But one thing that is unusual is that the emails that is being processed by the mailscanner does not get tagged as its being processed by it. Hence i do not really know whether it has been processed.

When i check the email full headers, i am missing information like spam score, spam information and spam status. I did a check in the mailscanner.conf and the configuration was done correctly.

how can we set these information to show on the email header that it has been processed.

View 2 Replies View Related

Using Find Command With Regex To Find All Number-only Filenames

Oct 15, 2007

how can i do a search for all files (probs using regex) of files consisting purely of numbers?

for e.g. find:

53243.php
24353.php
24098.php

(always have 5 numbers).

seems one of my accounts has had some script run which generated a bunch of these in various subfolders, and the php file basically does a callback to www3.rssnews.ws and www3.xmldata.info, which seem to be some sort of spyware servers.

View 10 Replies View Related

/?wcw=google In Google Analytics

Apr 30, 2008

There is probably a simple explanation for this, but in our Google Analytics stats one of the most popular pages is

/?wcw=google
Can anyone explain exactly what this is?

View 0 Replies View Related

How Does Google Do This

Aug 16, 2007

When i check dnsreport, i see that google.com has more than 1 server. And i wonder what is that method called? is that something called scalable servers ?

[url]

Your google.com A record is:

google.com. A 64.233.187.99 [TTL=300]
google.com. A 64.233.167.99 [TTL=300]
google.com. A 72.14.207.99 [TTL=300]

View 14 Replies View Related

Usa Hosting, In Google Uk ?

Jan 30, 2009

I was wondering if I went with a USA hosting company and had a .co.uk domain would I get into Google UK, or is that just for UK IP addresses?

View 9 Replies View Related

Google App Engine As CDN?

Jul 19, 2008

I have a site with heavy use of large and small images. The site gets majority of traffic from US and Asia. Using a CDN for JS, CSS, site images and user uploaded images will help the site a lot to speed up.

One of the cheaper options is Cachefly which I was considering, until I found an article about using Google's App Engine as CDN. http://www.google.com/search?q=google+app+engine+cdn

I think it is very inexpensive way to put your content on a CDN. Has anyone tried App Engine as a CDN? Does anyone know if they serve content from local servers in Asia, Europe or is the content served from US?

View 14 Replies View Related

What Network Does Google Use

Jul 8, 2008

I know google response times are the best. So my plan is to get a dedicated server from a web host that uses the same network that google uses.

View 13 Replies View Related

Using Google Apps

Jan 18, 2008

What can be disabled (Mail related) if the only domains on the server use google apps "gmail" for mail? I only really need roots mail. Anyone tried this yet, I figured I asked before I use trial and error.

antirelayd
exim
imap
pop

View 0 Replies View Related

Postfix + Google = Headache

Feb 25, 2008

I installed recently Postfix + Dovecot (yum) on a CentOS 5.1 test box. The configuration went OK, I can telnet on port 25, 587 and 465 with no problems.

# hostname -f
localhost.localdomain

#openssl s_client -connect localhost:465
CONNECTED(00000003)
depth=0 /C=CA/ST=Quebec/L=Montreal/O=Axivo Inc./CN=localhost/emailAddress=webmaster@localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=CA/ST=Quebec/L=Montreal/O=Axivo Inc./CN=localhost/emailAddress=webmaster@localhost
verify return:1
[more certificate code here ...]
---
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

# telnet localhost 587
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN ....

View 8 Replies View Related

Google Apps Alternative?

Mar 17, 2009

does anyone know of a google apps alternative seeing as google apps is no longer free.

View 4 Replies View Related

Global DNS To Enhance Google

Oct 5, 2009

Is there a way to use DNS system (eg. Power DNS) so that based on geographical location Googlebot will locate a localized version of the site and hence will get a higher ranking for that country?

View 4 Replies View Related

Can't Verify My Site On Google

Jan 30, 2009

please bear w/ me since this is my first time on launching a site online..

My site is being hosted by a free hosting company..

When I tried viewing the source code of my page some of the html tags are not seen like the <html>,<meta>,<head>...

and I can't seem to verify my site on google...

Verification status: NOT VERIFIED

Last attempt Jan 30, 2009: We've detected that your 404 (file not found) error page returns a status of 200 (Success) in the header.

why is this so?

Did the host delete those?

what should i do?

View 7 Replies View Related

Google APp Engine App Spot

Mar 14, 2009

Is google app engine good for hosting web applications?

View 3 Replies View Related

Google APPS And MX Settings

Feb 7, 2008

I want to shift my mail to Google Apps (standard version). Currently my DNS is pointed towards 1and1 dedicated servers (having problems with 1and1 mail services). Want to keep hosting with them but change the Email to Google apps.

The Registrar of the domain is Netfirms, Inc.

My current Settings for nameservers in Nefirms CP are:
ns29.1and1.com
ns30.1and1.com

Google Instructed me to verify first by creating a CNAME, which I did in Netfirms control panel.

'googlexxxxx.mydomain.com' Pointing to 'google.com'

DONE.

Google gave me the MX records to enter in the Netfirms panel.

ASPMX.L.GOOGLE.COM
ALT1.ASPMX.L.GOOGLE.COM

DONE.

It's been more than 24 hours, neither MX updated not that CNAME lookup 'googlexxxxx.mydomain.com is propogating.

What I am supposed to do here? I am waiting here for last 24 hours. I think that I have to set up these settings with my registrar (Netfirms) rather than it has to do something with 1and1?

Any suggestions?

View 1 Replies View Related

Does Hosting Affect Google PR?

Oct 3, 2006

If I change hosts, will that affect my google pagerank?

View 5 Replies View Related

Iptables + Google Smtp

Dec 16, 2008

iptables + google smtp

I've got OpenSSL Version OpenSSL 0.9.8b 04 May 2006 running on PHP5 and am having some trouble sending mail through an external SMTP.

What rules would I need to setup on my iptables to allow the server to send mail through tls://smtp.gmail.com rather than on my local mail server?

Google seems to allow SMTP traffic through port 465 and 587.

View 2 Replies View Related

Did You Guys Know Google Is A Web Host

Apr 10, 2009

Yup,Its True Google Has Been a Web Host for quite some Time. Well They don't host Website's but they have an ICANN accrededited License(Domain Registrar Licence) as well.

View 14 Replies View Related

Google Hammering My Site....

Dec 12, 2008

So I checked on the Google Webmaster tools, it has a nice graph now saying that it's hit my site 30 times/day for the last month or so. HOWEVER, when I look at my logs (I log googlebot) I have over 17000 page views in the last three days. Already I am using the Agent to remove images and some of the more expensive queries which are too old to be in the cache (Googlebot looks at pages on my site which are very old).

What other things should I be doing...? I appreciate that Google is indexing my site, but this is more of a scrape, than index. Just for this month alone, looking at my stats, I see the following:

144360 10.03% 143949 12.31% 1724938 17.72% 2 0.01% crawl-66-249-66-1.googlebot.com

2 visits, generating 144360 page views!!!!

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved